Amazon Web Services (AWS)
DigiCert® Trust Lifecycle Manager uses a single AWS unified connector type to integrate with a variety of Amazon cloud services, including AWS Certificate Manager (ACM), CloudFront, and Elastic Load Balancing (ELB). Supported functionalities include:
- Discover existing certificates in your AWS accounts and add them to your centralized inventory to monitor and manage using Trust Lifecycle Manager.
- Request new certificates with automated delivery to AWS Certificate Manager, issuing certificates from any of the CAs available from your Trust Lifecycle Manager account.
- Automate management of new and existing certificate deployments for CloudFront and ELB load balancers, issuing certificates from any of the CAs available from your Trust Lifecycle Manager account.
Integration workflow
To set up the integration with Amazon Web Services (AWS), complete these tasks in order.
| | Task | Documentation |
|---|---|---|
| 1. | Select an authentication method to use and set up the required permissions in AWS for the integration with Trust Lifecycle Manager. | |
| 2. | Add an AWS unified connector in Trust Lifecycle Manager to link to your AWS accounts. | |
| 3. | (Optional) If your AWS accounts include supported ELB load balancer types, use the Inventory functions in Trust Lifecycle Manager to manage certificate deployments for the connected load balancers. | |
Legacy connector types
For enhanced features and a simpler management experience, DigiCert recommends transitioning these legacy connector types to the latest AWS unified connector at your convenience.
On May 7, 2026, we deprecated the dedicated AWS ELB (Application/Network) connector type and moved ELB management to the AWS unified connector. Your existing ELB connectors will continue to work as usual. Once you have an AWS unified connector with the AWS account ID and required permissions for ELB management, assets will automatically transition to the AWS unified connector and the previous ELB connector will be marked with the Action needed state. To transition:
- No AWS unified connector yet: Add one that includes the AWS account for the ELB load balancers to manage.
- Existing AWS unified connector: Make sure it includes the AWS account and the latest required permissions.
On June 2, 2026, we deprecated the dedicated AWS CloudFront connector type and moved CloudFront management to the AWS unified connector. Your existing CloudFront connectors will continue to work as usual. Once you have an AWS unified connector with the AWS account ID and required permissions for CloudFront management, assets will automatically transition to the AWS unified connector and the previous CloudFront connector will be marked with the Action needed state. To transition:
- No AWS unified connector yet: Add one that includes the AWS account for the CloudFront distributions to manage.
- Existing AWS unified connector: Make sure it includes the AWS account and the latest required permissions.